Switch over all leftover users to qapi DisplayType.
Then delete the unused display_type variable.
Add 'default' DisplayType, which isn't an actual display type but
a placeholder for "user didn't specify a display". It will be replaced
by the DisplayType actually used, which in turn depends on the
DisplayTypes availabel in the particular build.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180202111022.19269-13-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Switch over the one leftover user to qapi DisplayType.
The delete the unused request_opengl variable.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180202111022.19269-12-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Not used any more, delete it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180202111022.19269-11-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Not used any more, delete it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180202111022.19269-7-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add QAPI DisplayType enum, DisplayOptions union and DisplayGTK struct.
Switch gtk configuration to use the qapi type.
Some bookkeeping (fullscreen for example) is done twice now, this is
temporary until more/all UIs are switched over to qapi configuration.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180202111022.19269-5-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qapi DisplayType will replace the current enum. For the transition both
will coexist though, so rename it so we don't have a name clash.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180202111022.19269-4-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Leak found thanks to ASAN:
Direct leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x55995789ac90 in __interceptor_malloc (/home/elmarco/src/qemu/build/x86_64-softmmu/qemu-system-x86_64+0x1510c90)
#1 0x7f0a91190f0c in g_malloc /home/elmarco/src/gnome/glib/builddir/../glib/gmem.c:94
#2 0x5599580a281c in v9fs_path_copy /home/elmarco/src/qemu/hw/9pfs/9p.c:196:17
#3 0x559958f9ec5d in coroutine_trampoline /home/elmarco/src/qemu/util/coroutine-ucontext.c:116:9
#4 0x7f0a8766ebbf (/lib64/libc.so.6+0x50bbf)
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
lhs/rhs doesn't tell much about how argument are handled, dst/src is
and const arguments is clearer in my mind. Use g_memdup() while at it.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
SystemTap's dtrace(1) produces the following warning when it encounters
"char const" instead of "const char":
Warning: /usr/bin/dtrace:trace-dtrace-root.dtrace:66: syntax error near:
probe flatview_destroy_rcu
Warning: Proceeding as if --no-pyparsing was given.
This is a limitation in current SystemTap releases. I have sent a patch
upstream to accept "char const" since it is valid C:
https://sourceware.org/ml/systemtap/2018-q1/msg00017.html
In QEMU we still wish to avoid warnings in the current SystemTap
release. It's simple enough to replace "char const" with "const char".
I'm not changing the documentation or implementing checks to prevent
this from occurring again in the future. The next release of SystemTap
will hopefully resolve this issue.
Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20180201162625.4276-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Previously functions having arguments of type bool was not traced
properly. The bool arguments were missing from the trace.
Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-3-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Using the greedy star matching, arguments like "...%"PRIx64 caused issues
for functions with multiple PRI formats.
The issue was only seen with the ust backend, as it is the only one
using the format regex.
The result for many functions was that the arguments coming after the
greedy star end was left out of the tracepoint, and in some cases some
of the arguments that was traced had the wrong format.
Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-2-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
PVRDMA is the QEMU implementation of VMware's paravirtualized RDMA device.
It works with its Linux Kernel driver AS IS, no need for any special
guest modifications.
While it complies with the VMware device, it can also communicate with
bare metal RDMA-enabled machines and does not require an RDMA HCA in the
host, it can work with Soft-RoCE (rxe).
It does not require the whole guest RAM to be pinned allowing memory
over-commit and, even if not implemented yet, migration support will be
possible with some HW assistance.
Implementation is divided into 2 components, rdma general and pvRDMA
specific functions and structures.
The second PVRDMA sub-module - interaction with PCI layer.
- Device configuration and setup (MSIX, BARs etc).
- Setup of DSR (Device Shared Resources)
- Setup of device ring.
- Device management.
Reviewed-by: Dotan Barak <dotanb@mellanox.com>
Reviewed-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
This layer is composed of two sub-modules, backend and resource manager.
Backend sub-module is responsible for all the interaction with IB layers
such as ibverbs and umad (external libraries).
Resource manager is a collection of functions and structures to manage
RDMA resources such as QPs, CQs and MRs.
Reviewed-by: Dotan Barak <dotanb@mellanox.com>
Reviewed-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Definition of various structures and constants used in backend and
resource manager modules.
Reviewed-by: Dotan Barak <dotanb@mellanox.com>
Reviewed-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
As all mapping for this device are from driver to device,
declare wrappers on top of pci_dma_*map functions.
In addition, declare macros to be used for debug messages.
Reviewed-by: Dotan Barak <dotanb@mellanox.com>
Reviewed-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Import the headers used by the pvrdma device.
Part of them are interfaces between the guest driver and the device,
imported under include/standart-headers/drivers/infiniband/... .
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Modify the script to import the headers used by the pvrdma device.
Part of them are interfaces between the guest driver and the device,
import them under include/standart-headers/drivers/infiniband/... .
Remove the unused functions from pvrdma_verbs.h avoiding the
unnecessary import of several infiniband/networking/other headers.
Reviewed-by: Gal Hammer <ghammer@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Currently only file backed memory backend can
be created with a "share" flag in order to allow
sharing guest RAM with other processes in the host.
Add the "share" flag also to RAM Memory Backend
in order to allow remapping parts of the guest RAM
to different host virtual addresses. This is needed
by the RDMA devices in order to remap non-contiguous
QEMU virtual addresses to a contiguous virtual address range.
Moved the "share" flag to the Host Memory base class,
modified phys_mem_alloc to include the new parameter
and a new interface memory_region_init_ram_shared_nomigrate.
There are no functional changes if the new flag is not used.
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Some pointers on how to get a patch into stable.
[contains some suggestions by mdroth and eblake]
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Back when we used to support compiling either with or without
NPTL threading library support, we used a macro THREAD which would
expand either to nothing (no thread support) or to __thread (threads
supported). For a long time now we have required thread support,
so remove the macro and just use __thread directly as other parts
of QEMU do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20180213132246.26844-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
We properly computed the capped mask size to be put to the application
buffer, but didn't actually used it. Also, we need to return the capped mask
size instead of 0 on success.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180211174704.27441-1-samuel.thibault@ens-lyon.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This unbreaks the testcase from
http://lists.nongnu.org/archive/html/qemu-arm/2018-01/msg00514.html
Thanks to Laurent Vivier for spotting the 7th one.
Signed-off-by: Guido Günther <agx@sigxcpu.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Suggested-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <671eaa99f4e0bf3a58f76f9151f7cfa24662227f.1517565566.git.agx@sigxcpu.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
With glibc 2.27 the openpty function prefers the TIOCGPTPEER ioctl.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvmbmhdosb9.fsf_-_@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
RHEL6's compilers don't like the repeated typedef.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The QEMU monitor enters an infinite loop when trying to auto-complete commands
that accept only optional parameters. The commands currently affected by this
issue are 'info registers' and 'info mtree'.
Reported-by: Dimitris Karagkasidis <t.pagef.lt@gmail.com>
Fixes: 48fe86f640
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20180213125143.23488-1-dgilbert@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
The "default" parameter of the "-mon" option is useless since
QEMU v2.4.0, and marked as deprecated since QEMU v2.8.0. That
should have been long enough to let people update their scripts,
so time to remove it now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1513700253-10045-1-git-send-email-thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Highlights of this batch:
* Conversion to TranslatorOps (Emilio Cota)
* Further bugfixes and cleanups to vcpu id allocation for pseries
(Greg Kurz)
* Another bugfix for HPT resizing (Daniel Henrique-Barboza)
* Macintosh CUDA cleanups (Mark Cave-Ayland)
* Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlqGq6IACgkQbDjKyiDZ
s5IW5Q//a2217YE+XsCaL2wJkDVGFwg56HIoD7BAgsygbiplxy5QTXSk8GO/H85A
ybi4TFnYTt2kc4fYspXPLUDAB39Juv/pDwvHL0TjJCyxnT56YwSuLN+V8U3c1uKr
H1cwxlDHjB+NFx94JDf7Ze3iUvShr/NAzlS4+N/7xENc3RewU25gl8z7+W8UGMlb
uHTgISxV2F/WkMzFlAyqQDtkurgmtvW/XRp6l804wGecPDg1GeF3EIcKTDrJ9WtS
yleQ7hTRdc3ML+66O6pWGz6fVt6IGk7rS0iJTjqmeXqv1zglbFiW5pbX6p/4OyWo
S3wsac0tAI2Vvymkh4TcfqtfmEYwC1+fCtEmBbf2QetCchcYrIDsnBEasvOFnBbL
utDliSbEQlKKMcG5/8gnIZeXQCvDWaIWUxgM6pcPYG/OU3RP2O5/+QNfpHy2pgYs
YnrNmuaiVG4qJeXYK2Y/BqBxrIjQVsJIIZumywpdY/tgmJ2A3zg2Zv83b3LBHmrE
d4k+qZmkZTBhKUYyskMDreqMEfR82VCQHjXsvblP0YGJ0M1v1MZVKiQR7goj7mfe
TIYqVxmuFwHb5dYe2wgLHKRtlZ3Z34+24Pe+lIAo+DCEAxtEHVYi/za9uNqtbf/i
jHQ5WFmaUdgLLAdomFhxSD/hg/bhGTpiJDB/yk4MUrLM76aAb78=
=2DYH
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.12-20180216' into staging
ppc patch queue 2018-02-16
Highlights of this batch:
* Conversion to TranslatorOps (Emilio Cota)
* Further bugfixes and cleanups to vcpu id allocation for pseries
(Greg Kurz)
* Another bugfix for HPT resizing (Daniel Henrique-Barboza)
* Macintosh CUDA cleanups (Mark Cave-Ayland)
* Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)
# gpg: Signature made Fri 16 Feb 2018 10:00:02 GMT
# gpg: using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dgibson/tags/ppc-for-2.12-20180216:
ppc4xx: Add device models found in PPC440 core SoCs
ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs
target/ppc: convert to TranslatorOps
target/ppc: convert to DisasContextBase
spapr: consolidate the VCPU id numbering logic in a single place
spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()
spapr: move VCPU calculation to core machine code
spapr: use spapr->vsmt to compute VCPU ids
ppc/spapr-caps: Change migration macro to take full spapr-cap name
hw/char: remove legacy interface escc_init()
hw/ppc/spapr_hcall: set htab_shift after kvmppc_resize_hpt_commit
cuda: convert to trace-events
ppc: move CUDAState and other CUDA-related definitions into separate cuda.h file
cuda: convert to use the shared mos6522 device
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Note that the 'Add test for migration to bad destination' displays
a 'Connection refused' during running, but still gives the correct exit
code and OK (It's checking that the source doesn't fail when
it can't connect, so that's the right error).
If it's particularly disliked that patch can be skipped individually.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJahFawAAoJEAUWMx68W/3nwE4P/ih+c4uIG6rmwmQzfrKz7usM
6yI9doyejn8uslIQAsU+me8LTGzGI8EeevAOONGO7atySIc2BzujVBxwZIRr70rj
zJpv3dbU/kLPJC40sZixJ8lvaGQ0iGe9WAGxoOf523ezBzr0ir/Ha1W270ZxgGgw
/1MFY45krye/wc+D/TdH3qjh3fkdcbbOMEcTaVJLaM2eKHfSnpQdrx7iE3Z9KZ/G
/hgXiIzz8mZsFJTRtwjV1701fj0wKVDUAqgpsY8lmOxRMmFYuZmFKk1D+ppFXaov
3dcrnP5gaX+42lQPKN5uVLH9pix3Q6AqcFRgSHRECugqFBlhckG2ZevatQIynCDB
t9kV3fG5oAbfWUASayOhH2u4RUNGo9Hp1HPx7SPRSAhhpH1/p4vUfJKOn84e+jc2
5r4Vyuit9BLwvHtt1awnVJZYVIJ/S/178/bSw//zHDQqKA1YakSmGkAWy5IT6LgF
0eGGHmzxpFE4jMI7biM8OiSd0/SjU/ijV5sSAUyJM36d+ZuzsYf7myI17JQUoPmr
/K1ld8y48MAY4K4M0wVBr8pcDY4eUw6XwWTX4FMPwYwdzdGbPNet+aR+VwCieoJU
85e2gP8celL1xQz1bb9q43vV2gqkoAiw8tyUkuXvpPwRSa5foMOrteTr5V7MP660
10Qg5Vp69SvnU7ggQCX+
=drNV
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20180214a' into staging
Migration pull 20180214
Note that the 'Add test for migration to bad destination' displays
a 'Connection refused' during running, but still gives the correct exit
code and OK (It's checking that the source doesn't fail when
it can't connect, so that's the right error).
If it's particularly disliked that patch can be skipped individually.
# gpg: Signature made Wed 14 Feb 2018 15:33:04 GMT
# gpg: using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert/tags/pull-migration-20180214a:
migration: pass MigrationState to migrate_init()
migration: allow send_rq to fail
migration: provide postcopy_fault_thread_notify()
migration: reuse mis->userfault_quit_fd
migration: better error handling with QEMUFile
tests/migration: Add test for migration to bad destination
migration: Fix early failure cleanup
tests/migration: Add source to PC boot block
migration: improve documentation of postcopy-ram
migration/xen: Check return value of qemu_fclose
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In previous commit:
commit 6aa22a2918
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Mon Dec 18 19:12:27 2017 +0000
ui: add trace events related to VNC client throttling
trace points related to unthrottling client I/O were missed from the
SASL codepaths.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 20180205114938.15784-5-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The 'vs->as.freq' value is a signed integer, which is read from an
unsigned 32-bit int field on the wire. There is thus a risk of overflow
on 32-bit platforms. Move the frequency limit checking to be done at
time of read before casting to a signed integer.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-4-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The start_auth_sasl() method declares a 'Error *local_err' variable in
an inner if () {...} scope, which shadows a variable of the same name
declared at the start of the method. This is confusing for reviewers and
may trigger compiler warnings.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-3-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
For very large framebuffers, it is theoretically possible for the result
of 'vs->throttle_output_offset * VNC_THROTTLE_OUTPUT_LIMIT_SCALE' to
exceed the size of a 32-bit int. For this to happen in practice, the
video RAM would have to be set to a large enough value, which is not
likely today. None the less we can be paranoid against future growth by
using division instead of multiplication when checking the limits.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-2-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When qemu mouse mode changes from relative to absolute
we must turn off sdl relative mouse mode too.
Fixes: https://bugs.launchpad.net/qemu/+bug/1703795
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20180202120803.11501-1-kraxel@redhat.com>
The documentation on SDL_RenderPresent function states that
"the backbuffer should be considered invalidated after each present",
so copy the entire texture on each redraw.
On the other hand, SDL_UpdateTexture function is described as
"fairly slow function", so restrict it to just the changed pixels.
Also added SDL_RenderClear call, as suggested in the documentation
page on SDL_RenderPresent.
Signed-off-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
Message-id: 20180205133228.25082-1-anatoly.trosinenko@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
On one of our client's node, due to trying to read from closed ioc,
a segmentation fault occured. Corresponding backtrace:
0 object_get_class (obj=obj@entry=0x0)
1 qio_channel_readv_full (ioc=0x0, iov=0x7ffe55277180 ...
2 qio_channel_read (ioc=<optimized out> ...
3 vnc_client_read_buf (vs=vs@entry=0x55625f3c6000, ...
4 vnc_client_read_plain (vs=0x55625f3c6000)
5 vnc_client_read (vs=0x55625f3c6000)
6 vnc_client_io (ioc=<optimized out>, condition=G_IO_IN, ...
7 g_main_dispatch (context=0x556251568a50)
8 g_main_context_dispatch (context=context@entry=0x556251568a50)
9 glib_pollfds_poll ()
10 os_host_main_loop_wait (timeout=<optimized out>)
11 main_loop_wait (nonblocking=nonblocking@entry=0)
12 main_loop () at vl.c:1909
13 main (argc=<optimized out>, argv=<optimized out>, ...
Having analyzed the coredump, I understood that the reason is that
ioc_tag is reset on vnc_disconnect_start and ioc is cleaned
in vnc_disconnect_finish. Between these two events due to some
reasons the ioc_tag was set again and after vnc_disconnect_finish
the handler is running with freed ioc,
which led to the segmentation fault.
The patch checks vs->disconnecting in places where we call
qio_channel_add_watch and resets handler if disconnecting == TRUE
to prevent such an occurrence.
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20180207094844.21402-1-klim.kireev@virtuozzo.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
